Are You Having A Technology Emergency?

Osgood Unlimited Blog

Osgood Unlimited has been serving the Massachusetts area since 2004, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Why Is Microsoft Warning Users About Password Spraying?

Why Is Microsoft Warning Users About Password Spraying?

As modern warfare has evolved, so too has cyberwarfare. There is always a war occurring in cyberspace, where hackers attempt to outdo security researchers. One such example of hackers—often sponsored by government agencies—attempting to engage in cyberwarfare can be seen in the United States and Israeli technology sectors, which have become the target of password spraying.

Password spraying involves hacking into multiple accounts by spamming commonly used passwords. Considering how frequently people use common passwords, as well as variations of those passwords, on3e can imagine how effective this tactic can be.

In the scenario outlined above, Microsoft has issued a warning that about 250 Microsoft Office 365 customers in the defense technology sectors have been targeted by password spraying tactics. Microsoft calls this group DEV-343, with the DEV in the name representing the fact that the attacks are, at this time, not sponsored by state actors. This group is thought to originate from Iran.

Less than 20 of the targets were actually compromised, but it’s still shocking to see high-profile targets opting for commonly used passwords. Microsoft has also reported that organizations that use multi-factor authentication are at less risk than those that don’t. As reported by Microsoft, security professionals should be wary of suspicious connections enabled by Tor networks: "DEV-0343 conducts extensive password sprays emulating a Firefox browser and using IPs hosted on a Tor proxy network. They are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs in activity before 7:30 AM and after 8:30 PM Iran Time. They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times. On average, between 150 and 1,000+ unique Tor proxy IP addresses are used in attacks against each organization.”

Your business should always be prepared to take a look at traffic on its network—especially if the activity is suspicious in some way, like during off-times when nobody has any reason to be accessing your infrastructure. Passwords are only one part of a cybersecurity strategy, though, and you should be implementing security solutions like multi-factor authentication whenever possible.

Osgood Unlimited can help your business keep itself secure from threats of all kinds. To learn more, reach out to us at (978) 912-7006.

Do Humans Create Bias in the AI We’ve Developed?
Avoiding Network Bottlenecks Can Help Your Busines...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Contact Us

Osgood Unlimited has been serving the Massachusetts area since 2004, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Learn more about what Osgood Unlimited can do for your business.

 

Latest Blog

Let me ask you this: would you trust every one of your team members with a key to your house? Of course not, right? After all, what if someone lost their copy or had it stolen from them? So, if you wouldn’t trust your entire team with acces...

About Osgood Unlimited

Osgood Unlimited has been serving the Massachusetts area since 2004, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses. It's always been our goal to provide enterprise-level IT practices and solutions to the small business sector, with small business prices.

Learn More

TOP